Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Basecamp' disclosed a bug submitted by b'ian' 
b'RCE via exposed JMX server on jabber.37signals.com/jabber.basecamp.com'
26 Apr 2022 timeline
b'Nutanix' disclosed a bug submitted by b'tosun' 
b'Local file disclosure through SSRF at next.nutanix.com'
25 Apr 2022 timeline
b'Krisp' disclosed a bug submitted by b'sammam' 
b"Force User to Accept Attacker's invite [ Restrict user to create account]"
25 Apr 2022 timeline
b'Krisp' disclosed a bug submitted by b'razahack' 
b'Visibility Robots.txt file'
25 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'danishalkatiri' 
b'Xss triggered in Your-store.myshopify.com/myshopify.com/admin/apps/shopify-email/editor/****'
25 Apr 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 comparison disaster'
25 Apr 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 bypass if string not 32 chars'
25 Apr 2022 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'--libcurl code injection via trigraphs'
24 Apr 2022 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'palmeral' 
b' Renderers can obtain access to random bluetooth device without permission'
23 Apr 2022 timeline
b'Kubernetes' disclosed a bug submitted by b'thisbug' 
b'Attacker can bypass authentication build on ingress external auth (`nginx.ingress.kubernetes.io/auth-url`)'
23 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'encryptsaan123' 
b'Bypass of fix #1370749'
22 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'tomorrow_future' 
b'After changing the storefront password, the preview link is still valid'
21 Apr 2022 timeline
b'BlackRock' disclosed a bug submitted by b'mrccrqr' 
b'Open redirect by the parameter redirectUri in the URL'
21 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'[h1-2102] [Plus] User with Store Management Permission can Make changeDomainEnforcementState - that should be limited to User Management Only'
21 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'[h1-2102] [Plus] User with Store Management Permission can Make convertUsersFromSaml/convertUsersToSaml - that should be limited to User Management'
21 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'[h1-2102] [PLUS] User with Store Management Permission can Make enforceSamlOrganizationDomains call - that should be limited to User Management Only'
21 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'ayyoub' 
b'User with no Develop apps permission can Uninstall Custom App'
21 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'ramsexy' 
b'[h1-2102] Improper Access Control at https://shopify.plus/[id]/users/api in operation UpdateOrganizationUserRole'
21 Apr 2022 timeline
b'Shopify' disclosed a bug submitted by b'4bel' 
b'Same the Url'
21 Apr 2022 timeline
b'curl' disclosed a bug submitted by b'medianmedianstride' 
b"curl proceeds with unsafe connections when -K file can't be read"
21 Apr 2022 timeline
1 ... 113 114 115 116 117 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM